-
"Nothing ever happens. I wish something would hap-- OH GOD NO NOT LIKE THIS"
-
@laurel @PunishedD There's a bunch of other measures suggested in the original post.
https://notes.valdikss.org.ru/jabber.ru-mitm/
-
@laurel @PunishedD Not exactly, those were g*rman authorities making Hetzner add another hop in the route and issuing a Let's Encrypt cert. With access to domain and Cloudflare's dashboard you don't even need that since it issues valid certs automatically and the IP is going to be somewhere in https://www.cloudflare.com/ips-v4/ regardless.
-
@mint @PunishedD
Damn, that could only be prevented by having disabled the http-01 certificate challenge type with a DNS record, and having configured ACME to use the registrar's API to update the certs.
-
@PunishedD And it looks like it wasn't anything more than some zoomer obtaining access to the domain and changing the nameservers to deface the site immediately. If he didn't have an ipad baby brain, he would've MitMed it for admin/mod passwords or something in order to at least present something of value.
-
@mint @PunishedD
>If he didn't have an ipad baby brain, he would've MitMed it for admin/mod passwords or something in order to at least present something of value.
Isn't this what recently happened with those Russian XMPP servers? Attackers got domain access for just a few hours, used it to issue certificates and then ARP-poisoned the hosting network to serve as a proxy.
-
@PunishedD Hilarious!